swh/auth/django/middlewares.py
Show All 17 Lines | class OIDCSessionExpiredMiddleware: | ||||
the OpenID Connect authentication backend got his session expired. | the OpenID Connect authentication backend got his session expired. | ||||
In that case it will perform a redirection to a django view whose | In that case it will perform a redirection to a django view whose | ||||
name must be set in the ``SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW`` | name must be set in the ``SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW`` | ||||
django setting (typically a logout view). | django setting (typically a logout view). | ||||
The following query parameter will be set for that view: | The following query parameter will be set for that view: | ||||
* ``next_path``: requested URL before the detection of the session expiration | * ``next``: requested URL before the detection of the session expiration | ||||
* ``remote_user``: indicates that the user was previously authenticated with OIDC | * ``remote_user``: indicates that the user was previously authenticated with OIDC | ||||
""" | """ | ||||
def __init__(self, get_response=None): | def __init__(self, get_response=None): | ||||
self.get_response = get_response | self.get_response = get_response | ||||
self.redirect_view = getattr( | self.redirect_view = getattr( | ||||
settings, "SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW", None | settings, "SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW", None | ||||
Show All 21 Lines | def __call__(self, request): | ||||
or "OIDC" not in request.session[BACKEND_SESSION_KEY] | or "OIDC" not in request.session[BACKEND_SESSION_KEY] | ||||
or request.path in self.exempted_urls | or request.path in self.exempted_urls | ||||
): | ): | ||||
return self.get_response(request) | return self.get_response(request) | ||||
# At that point, we know that a OIDC user was previously logged in | # At that point, we know that a OIDC user was previously logged in | ||||
# and his session has expired. | # and his session has expired. | ||||
# Redirect to a view specified in django settings. | # Redirect to a view specified in django settings. | ||||
next_path = request.get_full_path() | next = request.get_full_path() | ||||
logout_url = reverse( | logout_url = reverse( | ||||
self.redirect_view, query_params={"next_path": next_path, "remote_user": 1} | self.redirect_view, query_params={"next": next, "remote_user": 1} | ||||
) | ) | ||||
return HttpResponseRedirect(logout_url) | return HttpResponseRedirect(logout_url) |
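Review bot: In the right-hand column of `__call__`, the local variable is now named `next`, which shadows the Python builtin for the rest of the method; only the query-parameter key needs the new name, so `next_path = request.get_full_path()` can stay and the call becomes `query_params={"next": next_path, "remote_user": 1}`. The value passed here is a local path taken from the request, but the view named by `SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW` is not shown, and `next` is the conventional name for a post-login redirect target. If that view redirects to `next`, it should validate the value first, for example with Django's `url_has_allowed_host_and_scheme`, since the parameter can be supplied by any caller and not only by this middleware. The start of `__call__` is collapsed on this page, so the condition guarding this branch was not reviewed.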